/// <summary>
/// Maps the current user to a numeric permission level for a delete or
/// undelete request. Checks run from highest to lowest privilege and the
/// first match wins.
/// </summary>
/// <param name="board_id">Board the target belongs to.</param>
/// <param name="discussion_id">Discussion the target belongs to.</param>
/// <param name="entity">Stored entity of the target; only read by the creator check.</param>
/// <param name="is_discussion">True when the target is a whole discussion rather than a single letter.</param>
/// <param name="is_undelete">True when the request restores instead of deletes.</param>
/// <returns>
/// 99 for the entity's creator (plain letter delete only), 90 for the site
/// owner, 80 for the chair owner, 60 for a vice owner, 30 for the
/// discussion's creator, and 20 for everyone else.
/// </returns>
private static int userLevel(string board_id, string discussion_id, DynamicTableEntity entity, bool is_discussion, bool is_undelete)
{
    // The author shortcut applies only to deleting a single letter; it is
    // skipped for undelete and for whole-discussion operations, so an author
    // is ranked by the role checks below in those cases.
    bool plain_letter_delete = !is_undelete && !is_discussion;
    if (plain_letter_delete && CreatorConverter.IsCurrentUserCreator(entity))
    {
        return 99;
    }

    if (IsSiteOwner())
    {
        return 90;
    }

    if (IsChairOwner(board_id))
    {
        return 80;
    }

    if (IsViceOwner(board_id))
    {
        return 60;
    }

    if (DiscussionLoadStore.IsCurrentUserDiscussionCreator(board_id, discussion_id))
    {
        return 30;
    }

    // NOTE(review): this floor is returned for any caller that matches no
    // role. Whether an unauthenticated request can reach this point is not
    // visible here; confirm authentication is enforced upstream, because
    // CheckDeleteRight requires only level 20 to delete a single letter.
    return 20;
}
/// <summary>
/// Authorizes an edit of the given entity for the current user. Reports
/// failure through <c>Util.ThrowUnauthorizedException</c>.
/// </summary>
/// <param name="board_id">Board the entity belongs to.</param>
/// <param name="discussion_id">Discussion the entity belongs to.</param>
/// <param name="entity">Stored entity that is about to be edited.</param>
public static void CheckEditRight(string board_id, string discussion_id, DynamicTableEntity entity)
{
    // Subtype d is never editable, whoever asks.
    // Message: "This type cannot be edited."
    if (LetterConverter.GetSubtype(entity) == Subtype.d)
    {
        Util.ThrowUnauthorizedException("不能編輯的類型。");
    }

    // Allowed editors: the entity's author, the discussion's creator, or a
    // board owner. || short-circuits in the same order as the original
    // negated && chain, so the same lookups run.
    bool may_edit = CreatorConverter.IsCurrentUserCreator(entity)
        || DiscussionLoadStore.IsCurrentUserDiscussionCreator(board_id, discussion_id)
        || IsBoardOwner(board_id);

    if (!may_edit)
    {
        // Message: "No edit permission. Only vice board owners and above,
        // the discussion creator, or the original author may edit."
        // NOTE(review): the message promises "vice owner and above", which
        // presumes IsBoardOwner covers vice, chair and site owners - confirm.
        Util.ThrowUnauthorizedException("沒有編輯權限。只有副板主以上、串主、或原作者可以編輯。");
    }
}
/// <summary>
/// Authorizes a delete or undelete of a letter or a whole discussion by
/// comparing the current user's level (see <c>userLevel</c>) with the level
/// the operation requires: 50 for a discussion, 30 to undelete a letter,
/// 20 to delete a letter.
/// </summary>
/// <param name="board_id">Board the target belongs to.</param>
/// <param name="discussion_id">Discussion the target belongs to.</param>
/// <param name="letter_id">Target letter; <c>SandId.HEADING_LETTER_ID</c> means the whole discussion.</param>
/// <param name="entity">Stored entity of the target.</param>
/// <param name="is_undelete">True to authorize a restore instead of a delete.</param>
/// <returns>The current user's permission level.</returns>
public static int CheckDeleteRight(string board_id, string discussion_id, string letter_id, DynamicTableEntity entity, bool is_undelete)
{
    bool is_discussion = letter_id == SandId.HEADING_LETTER_ID;
    string cmd_name = is_undelete ? "復原" : "刪除";   // "restore" : "delete"
    int user_level = userLevel(board_id, discussion_id, entity, is_discussion, is_undelete);

    int required_level;
    if (is_discussion)
    {
        // Only levels 60 and up (vice owner or higher) clear this bar; the
        // discussion creator's level 30 does not.
        required_level = 50;
    }
    else if (is_undelete)
    {
        required_level = 30;
    }
    else
    {
        // NOTE(review): userLevel never returns less than 20, so deleting a
        // single letter cannot be refused here. The retired OLD branch below
        // also has its throw commented out for this case, so this looks
        // deliberate; confirm the caller uses the returned level to enforce
        // anything stricter.
        required_level = 20;
    }

    if (user_level >= required_level)
    {
        return user_level;
    }

    // Message: "No <restore|delete> <discussion|letter> permission.
    // Required level N, your level is M."
    string target_name = is_discussion ? "討論串" : "留言";
    Util.ThrowUnauthorizedException("沒有" + cmd_name + target_name + "權限。需要權限等級" + required_level + ",您的權限等級為" + user_level + "。");

    return user_level;

#if OLD
    // Previous role-based policy, kept for reference. It is compiled only
    // when OLD is defined and is unreachable after the return above.
    if (is_undelete || is_discussion)
    {
        if (!IsBoardOwner(board_id))
        {
            Util.ThrowUnauthorizedException("沒有" + cmd_name + "權限。只有板主可以" + cmd_name + (is_discussion ? "討論串" : "留言") + "。");
        }
    }
    else
    {
        if (!CreatorConverter.IsCurrentUserCreator(entity) &&
            !DiscussionLoadStore.IsCurrentUserDiscussionCreator(board_id, discussion_id) &&
            !IsBoardOwner(board_id))
        {
            // Disabled throw; its message reads "No delete permission. Only
            // board owners, the discussion creator, or the original author
            // may delete letters."
            // Util.ThrowUnauthorizedException("沒有刪除權限。只有板主、串主、或原作者可以刪除留言。");
        }
    }
#endif
}